<?php
  session_start();
  $sessionUserId = $_SESSION['userId'];
  
  // if session not valid check if validation was put in the url  
  if (empty($sessionUserId)) {     
    if ( $_SERVER['REQUEST_METHOD'] === 'POST' ) {
        $sessionUserLogin = $_POST['userLogin'];     
        $sessionUserTid   = $_POST['userTid'];
    } else {
        $sessionUserLogin = $_GET['userLogin'];
        $sessionUserTid   = $_GET['userTid'];
    }
    include_once('db.php');
    $conn = &ADONewConnection($dbType);
    $conn->PConnect($dbServer, $dbUser, $dbPassword, $dbName);
    //$conn->debug = true; 
    if ($sessionUserLogin && $sessionUserTid) {    	   
        // check user and trackid
        $query = "select id_user, login, name, state, trackid, email, publicpos, lastPosition, privileges, id_country  from user where login=".$conn->qstr($sessionUserLogin)." and trackid=$sessionUserTid";
        $rs = $conn->Execute($query);
        foreach ($rs as $row) {
            $sessionUserId = $row[0];                 
            $_SESSION['userId'] = $row[0];
            $_SESSION['userLogin'] = $row[1];
            $_SESSION['userName'] = $row[2];
            $_SESSION['userTid'] = $row[4];
            $_SESSION['userEmail'] = $row[5];
            $_SESSION['userPublic'] = $row[6];
            $_SESSION['userCurrentPosition'] = $row[7];
            $_SESSION['userPrivileges'] = $row[8];
            $_SESSION['userCountry'] = $row[9];
                        
        }        
        $rs->close();
        
    }
    $conn->close();           
  }
  if (!empty($sessionUserId)) {
    $sessionUserId = $_SESSION['userId'];
    $sessionUserLogin = $_SESSION['userLogin'];
    $sessionUserName = $_SESSION['userName'];
    $sessionUserTid = $_SESSION['userTid'];
    $sessionUserEmail = $_SESSION['userEmail'];
    $sessionUserPublic = $_SESSION['userPublic'];
    $sessionUserCurrentPosition = $_SESSION['userCurrentPosition'];
    $sessionUserPrivileges = $_SESSION['userPrivileges'];
    $sessionUserCountry = $_SESSION['userCountry'];
  }
  
  function IsSessionValid() {
		if ( empty($_SESSION['userId'])) 
		{
			return false;
		} else {
			return true;
		}	
	}
?>
